Search code examples
network-programmingtcpipfragmentation

value of 'More Fragment' bit when IP packet is fragmented multiple times


Suppose I have two hosts, host A and host B, and host A sends a 1500 byte packet to B and there are two routers between them with a MTU of 800 bytes for the first link, and MTU of 500 bytes for the second link between them.

As I understand it the packet will have to be fragmented both times. The packet will have to be fragmented into 3 packets (2 equally sized packets and one smaller one).

Then when we hit this second router we will have each of the first two fragmented packets be fragmented once more. The first two original fragments will produce 1 larger fragment (close to 500 bytes), and one smaller one.

This is where I am confused.

I know that the 'More Fragment' bit should be set to 1 on all of the first 3 fragments except the last indicating that the packets are part of a fragment up to and including the next packet with 'More Fragment' set to 0. However, for the second set of fragments I am not so sure. If this was the first time the packet had been fragmented, the last fragment would have 'More Fragment' of 0, but since this is actually just a fragment somewhere in the middle of the original message, I have a feeling it should be 1.

I am hoping someone with more experience can shed some light on this for me. Is the 'More Fragment' bit used in reassembly? If so I would imagine that when the fragments are fragmented then we do not set the last fragment to 0.

So the algorithm would go:

If fragmenting a packet with 'More Fragment' set to 0, 
    then set 'More Fragment' to 1 in all fragmented packets except the last.
Else If fragmenting a packet with 'More Fragment' set to 1, 
    then set 'More Fragment' to 1 in all of the fragmented packets.

Is my assumption here correct?


Solution

  • You are more or less right. Routers besides adding MF (more fragments) flag are doing some more processing:

    To fragment/segment a long internet packet, a router (R1 in the figure below) creates a new IP packet and copies the contents of the IP header fields from the long packet into the new IP header. The data of the long packet is then divided into two portions on a 8 byte (64 bit) boundary, so that the first packet is less than the MTU of the out-going interface. The more-fragments flag (MF) in the first packet is set to one (to indicate that more fragments of this packet follow). The More Flag may already be set in this packet if it has already been fragmented by another system. This packet is forwarded.

    The second created new packet is then processed. The packet header field is identical to that of the original packet (including the same value of the packet ID, the total length field, the more-fragments flag (MF) and the fragment offset field in the original packet). The packet header field is updated with a new offset field, by adding the number of payload bytes sent in the first fragment. If this new packet is larger than the allowed link MTU, the packet is again fragmented.

    So in nutshell for already fragmented packets whole IP header is being copied to new packets (smaller fragments of fragment). It means that if IP packet has MF set it will be also copied to last fragmented packet. Thanks to changing offset and packets ID host receiving fragmented packets will be able to reassemble those.